Introduction

VS Code Remote SSH allows editing files on remote servers as if they were local. When the SSH key exchange fails, the connection cannot be established:

bash
Could not establish connection to "remote-server"
kex_exchange_identification: Connection closed by remote host

Or: `` no matching key exchange method found. Their offer: diffie-hellman-group1-sha1

Symptoms

  • Remote SSH connection fails immediately during handshake
  • Error about "no matching key exchange method" or "no matching host key"
  • SSH works from the terminal but not from VS Code
  • Connection works to some servers but not others
  • Error appeared after updating VS Code or the remote server's OS

Common Causes

  • Server uses outdated SSH algorithms not supported by modern SSH clients
  • VS Code's bundled SSH client has stricter algorithm requirements than system SSH
  • Server's sshd_config restricts key exchange algorithms
  • Outdated OpenSSH version on the remote server
  • Network device (firewall, proxy) interfering with SSH handshake

Step-by-Step Fix

  1. 1.Test SSH from the terminal to isolate the issue:
  2. 2.```bash
  3. 3.ssh -v user@remote-server
  4. 4.`
  5. 5.Look for the line showing which key exchange algorithm was negotiated.
  6. 6.Add compatible algorithms to your SSH config. Edit ~/.ssh/config:
  7. 7.`
  8. 8.Host remote-server
  9. 9.HostName 192.168.1.100
  10. 10.User myuser
  11. 11.KexAlgorithms +diffie-hellman-group14-sha1
  12. 12.HostKeyAlgorithms +ssh-rsa
  13. 13.PubkeyAcceptedAlgorithms +ssh-rsa
  14. 14.`
  15. 15.Update the remote server's SSH configuration. Edit /etc/ssh/sshd_config:
  16. 16.`
  17. 17.KexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512
  18. 18.HostKeyAlgorithms ssh-ed25519,ecdsa-sha2-nistp256,rsa-sha2-256,rsa-sha2-512
  19. 19.`
  20. 20.Then restart SSH: sudo systemctl restart sshd
  21. 21.Specify the SSH client path for VS Code. In VS Code settings:
  22. 22.```json
  23. 23.{
  24. 24."remote.SSH.path": "/usr/bin/ssh"
  25. 25.}
  26. 26.`
  27. 27.This uses your system's SSH client instead of VS Code's bundled version.
  28. 28.Update OpenSSH on both local and remote machines:
  29. 29.```bash
  30. 30.# On the remote server
  31. 31.sudo apt update && sudo apt install openssh-server

# Check version ssh -V # Should be OpenSSH_8.0 or higher ```

Prevention

  • Keep OpenSSH updated on both local and remote machines
  • Use modern key exchange algorithms (curve25519, ecdh) in server configuration
  • Add SSH configuration for each remote server in ~/.ssh/config
  • Test Remote SSH connections after server OS upgrades
  • Use SSH key-based authentication instead of passwords for reliability
  • Document the minimum SSH version required for VS Code Remote SSH
  • Use ssh -V to verify SSH client version compatibility
  • For legacy servers that cannot be updated, configure algorithm overrides in ~/.ssh/config